package com.baidu.disconf.web.web.auth;

import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.baidu.disconf.web.service.sign.form.SigninForm;
import com.baidu.disconf.web.service.sign.service.SignMgr;
import com.baidu.disconf.web.service.user.bo.User;
import com.baidu.disconf.web.service.user.dto.Visitor;
import com.baidu.disconf.web.service.user.form.PasswordModifyForm;
import com.baidu.disconf.web.service.user.service.UserMgr;
import com.baidu.disconf.web.service.user.vo.VisitorVo;
import com.baidu.disconf.web.web.auth.constant.LoginConstant;
import com.baidu.disconf.web.web.auth.login.RedisLogin;
import com.baidu.disconf.web.web.auth.validator.AuthValidator;
import com.baidu.dsp.common.annotation.NoAuth;
import com.baidu.dsp.common.constant.ErrorCode;
import com.baidu.dsp.common.constant.WebConstants;
import com.baidu.dsp.common.controller.BaseController;
import com.baidu.dsp.common.vo.JsonObjectBase;
import com.baidu.ub.common.commons.ThreadContext;

/**
 * @author liaoqiqi
 * @version 2014-1-20
 */
@Controller
@RequestMapping(WebConstants.API_PREFIX + "/account")
public class UserController extends BaseController {

	protected static final Logger LOG = LoggerFactory.getLogger(UserController.class);

	@Autowired
	private UserMgr userMgr;

	@Autowired
	private AuthValidator authValidator;

	@Autowired
	private SignMgr signMgr;

	@Autowired
	private RedisLogin redisLogin;

	/**
	 * GET 获取
	 *
	 * @param
	 *
	 * @return
	 */
	@NoAuth
	@RequestMapping(value = "/session", method = RequestMethod.GET)
	@ResponseBody
	public JsonObjectBase get() {

		VisitorVo visitorVo = userMgr.getCurVisitor();
		if (visitorVo != null) {

			return buildSuccess("visitor", visitorVo);

		} else {

			// 没有登录啊
			return buildGlobalError("syserror.inner", ErrorCode.GLOBAL_ERROR);
		}
	}

	/**
	 * 登录
	 *
	 * @param signin
	 * @param request
	 *
	 * @return
	 */
	@NoAuth
	@RequestMapping(value = "/signin", method = RequestMethod.POST)
	@ResponseBody
	public JsonObjectBase signin(@Valid SigninForm signin, HttpServletRequest request) {

		LOG.info(signin.toString());

		// 验证
		authValidator.validateLogin(signin);

		// 数据库登录
		User user = signMgr.signin(signin.getName());

		// 过期时间
		int expireTime = LoginConstant.SESSION_EXPIRE_TIME;
		if (signin.getRemember().equals(1)) {
			expireTime = LoginConstant.SESSION_EXPIRE_TIME2;
		}

		// redis login
		redisLogin.login(request, user, expireTime);

		VisitorVo visitorVo = userMgr.getCurVisitor(request.getSession());

		return buildSuccess("visitor", visitorVo);
	}

	/**
	 * 登出
	 *
	 * @param request
	 *
	 * @return
	 */
	@NoAuth
	@RequestMapping(value = "/signout", method = RequestMethod.GET)
	@ResponseBody
	public JsonObjectBase signout(HttpServletRequest request) {

		redisLogin.logout(request);

		return buildSuccess("ok", "ok");
	}

	/**
	 * 修改密码
	 *
	 * @param
	 *
	 * @return
	 */
	@RequestMapping(value = "/password", method = RequestMethod.PUT)
	@ResponseBody
	public JsonObjectBase password(@Valid PasswordModifyForm passwordModifyForm, HttpServletRequest request) {

		// 校验
		authValidator.validatePasswordModify(passwordModifyForm);

		// 修改
		Visitor visitor = ThreadContext.getSessionVisitor();
		userMgr.modifyPassword(visitor.getLoginUserId(), passwordModifyForm.getNew_password());

		// re login
		redisLogin.logout(request);

		return buildSuccess("修改成功，请重新登录");
	}
}
